self-hosted/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2026-06-03 16:35:37 +02:00
Code Issues Releases Activity

Prevent registering as arbitrary agents with system token (#6283)

Browse Source
This commit is contained in:
qwerty287
2026-03-21 11:19:13 +01:00
committed by GitHub
parent 31ed5865c5
commit df6c97d452
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/rpc/auth_server.go
+10 -3
View File
@@ -76,10 +76,17 @@ func (s *WoodpeckerAuthServer) getAgent(agentID int64, agentToken string) (*mode
if agentToken == s.agentMasterToken {
agent, err := s.store.AgentFind(agentID)
if err != nil && errors.Is(err, types.ErrRecordNotExist) {
return nil, fmt.Errorf("AgentID not found in database")
if err != nil {
if errors.Is(err, types.ErrRecordNotExist) {
return nil, fmt.Errorf("AgentID not found in database")
} else {
return nil, err
}
}
return agent, err
if !agent.IsSystemAgent() {
return nil, fmt.Errorf("the agent with this ID is not a system agent")
}
return agent, nil
}
}